2018 Was Second-Most Active Year for Data Breaches
More than 6,500 data breaches were reported in 2018, a new report from Risk Based Security shows. The breaches, both big and small, were reported through Dec. 31, 2018 — marking a 3.2% decline from the 6,728 breaches reported in 2017 and making it the second-most active year for data breaches on record. Some 5…
Devastating Cyberattack on Email Provider Destroys 18 Years of Data
An unknown attacker appears to have deleted 18 years’ worth of customer emails, along with all backup copies of the data, at email provider VFEmail. A note on the firm’s website Tuesday described the attack, first reported by KrebsOnSecurity, as causing “catastrophic destruction.” “This person has destroyed all data in the US, both primary and…
773 Million Email Addresses, 21 Million Passwords For Sale on Hacker Forum
A folder with over 12,000 files containing nearly 773 million email addresses and over 21 million unique passwords from numerous previous data breaches — some potentially dating back to 2008 — has been posted online in another massive leak of credential data. Security researcher Troy Hunt discovered the 87 GB worth of data on cloud…
Overall Volume of Thanksgiving Weekend Malware Attacks Lower This Year
Somewhat unexpectedly, the overall volume of malware attacks leading up to and through this year’s Thanksgiving holiday weekend was actually substantially lower than for the same days last year. Security vendor SonicWall, which tracks threat data on a continuous basis, says its customers encountered a total of 91 million attacks overall in the days preceding…
Data revolution backlash: Consumers prepared to take decisive action if organizations mishandle data
US consumers believe technological advancements pose a risk to their data privacy; believe it is the responsibility of organisations to make the purpose of data use clear and say organisations that fail to protect people’s data should face immediate penalties from regulators, according to a survey conducted by Edelman Intelligence. The research found that the…
Get serious about consumer data protection
The idea that organizations should be doing more to protect the personal data they hold about individuals has been gaining ground in recent years. The European Union’s General Data Protection Regulation (GDPR) sparked a scramble to operationalize data management and security. If you thought that it was a one-off, then the incoming California Consumer Privacy…
Cybersecurity – how confident (complacent?) are you?
Attention all cybersecurity professionals! We all know that today’s cybersecurity landscape is an ever-changing one. So how often should organizations review their cybersecurity strategy? If it’s a question that hasn’t been asked in a while, chances are that in this world of constant threat, you’re probably at risk. For despite the near constant stream of…
7 Ways to Prepare for a Cybersecurity Audit
Data breaches, phishing attacks, information disclosure – the Internet can be a scary place. Conducting a cybersecurity audit (or getting a third-party assessment) is a great way to understand your organization’s cybersecurity posture. But, like preparing any exam or review, getting ready for a cybersecurity audit can be intimidating. While every security assessment will be…
When It Comes to Cyber Risks, 2018 Is No Time to Play Games
While some organizations have spent decades fine-tuning their ability to respond to and manage cyber risks, far too many are still playing games with their security strategy. From a cybersecurity perspective, 2017 will go down as a record year for data breaches. The Identity Theft Resource Center (ITRC) reported 1,579 breaches, up 45 percent from 2016. By…
A view of the global threat landscape: Cybercrime and intrusion trends
Established and well-resourced cyber operations will continue to innovate, developing new methods of distributing crimeware and incorporating advanced tactics to infiltrate, disrupt and destroy systems, according to a new report by CrowdStrike. “We’ve already seen cyber adversaries launch massive, destructive attacks that render organizations inoperable for days or weeks. Looking ahead, security teams will be under…